摘要
随着计算机网络的推广和网络事务的日益普及,网络安全得到了广泛的关注。入侵检测系统(IDS)作为一种重要的计算机系统安全监测手段,已经成为维护网络安全的主要技术之一。该文提出的改进模型是利用STAT(StateTransitionAnalysisTool,状态转换分析工具)技术对IDS分析引擎增加了有效的辅助模块,并使用数据挖掘技术对原始审记数据进行初步的数据清洗。与传统的IDS相比,改进后的系统有效地提高了入侵检测性能和精度,并具有较好的可扩展性和健壮性。
With the rapid spread of computer network and the prevalence of transactions based on Internet,extensive attention has been focused on the network security.As an important security inspection approach of computer system,Intrusion Detection System(IDS)has become an indispensable technology for maintaining network security.The improved model put forward by this paper adds an efficient assistant module to IDS's analysis engine by using STAT(State Transition Analysis Tool)technology,and it also uses data-mining technique to perform preparatory data purge on the ori-ginal audit records.Compared with traditional IDS prototype,the improved system promotes the performance and precision of intrusion detection effectively and possesses fine expansibility and robust.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第7期149-152,共4页
Computer Engineering and Applications
基金
江苏省应用研究基础项目(编号:BJ000002)
教育部"跨世纪优秀人才培养计划"基金项目
"东南大学网络和信息集成教育部重点实验室"访问学者基金项目(编号:93K9)
